Sam Paredes (CoffeeJunkie)

Sam Paredes (CoffeeJunkie)

Cybersecurity student and pentester in continuous development.

Day 88/100 Hack and Improvement

less than 1 minute read

Day 88 comes with some readings on information disclosure and XSS in hidden inputs.

Hacking companies through help desk

From Rajesh Ranjan. Day 88 comes with a simple bug, which was leaking the sensitive data of the user.

Here is the link for the article

XSS in Hidden Input Fields

From Sam (CoffeeJunkie). XSS in input fields has been something interesting to test about. In this case this research from PortSwigger, this writeup seemed to be pretty interesting where it actually explains the purpose.

accesskey="X" onclick="alert('xss')"

This an example on how it can be used. Full write up here

via GIPHY

Leave a comment

You may also enjoy

Day 97/100 Hack and Improvement

less than 1 minute read

Due to travel reasons #100daystohackandimprove moved to twitter. The following days will be posted on Twitter till day 97.